Magento 2.4.5 introduces improvements to platform quality, payment methods, GraphQL caching performance, and accessibility. It includes updates to integrated Google modules.
Magento 2.4.5 Highlights & Updates
1. Magento 2.4.5 Security Enhancements:
This release includes 20 security fixes and platform security improvements. This security fix has been backported to Magento Open Source 2.4.4-p1 and Magento Open Source 2.3.7-p4. Most of these issues require an attacker first to access the Admin. As a result, we remind you to take all necessary steps to protect your Admin, including but not limited to these efforts:
- IP allows listing
- Two-factor authentication
- Use of a VPN
- Use of a unique location rather than /admin
- Good Password Hygiene
Magento 2.4.5 Additional Security Enhancement :
- reCAPTCHA’s support has been added to the Wish List Sharing, Create New Customer Account and Gift Card forms.
- ACL resources have been added to the Inventory.
- Inventory template security has been enhanced.
- The malicious code filter has been upgraded to use the HtmlPurifier library.
Magento 2.4.5 Platform Enhancements :
- Support from Composer 2.2
- TinyMCE 5.10.2
- jQuery UI (1.13.1)
- Upgrade of twenty composer dependencies
- Upgrade all outdated JS to the latest version in Adobe Commerce 2.4.5.
2. Magento 2.4.5 GraphQL Enhancements :
Developers and administrators experience faster rebuilding of the unified storefront GraphQL schema on deployment or when changing attributes in production. Shoppers also experience significantly faster page load speeds when the GraphQL schema must be rebuilt for any reason.
- Added capability to consume the expiration date/time of the authorization token through the use of JSON Web Tokens (JWT) in the GraphQL API.
- Allows disabling the session cookies for all GraphQL operations completely.
- Session usage has been removed from the HTTP header.
3. Magento 2.4.5 Payments Updates :
- Merchants in Spain and Italy can now offer PayPal Pay Later to shoppers.
- Previews of the PayPal, Credit and Pay Later buttons are now available in the Admin for the checkout, mini-cart, cart, and product pages. Previews reveal how these buttons will look when enabled and rendered on the storefront.
- Braintree has discontinued the MOUNT fraud protection integration. It has been removed from the Magento Open Source codebase.
- The Always request 3DS option has been added to the Admin.
4. Magento 2.4.5 PWA Studio Updates:
- Shopper behavior data is collected on PWA Studio storefront for web analytics services. Merchants can now subscribe and extend these events as needed.
- Merchants can now select a service to deploy from the Admin (Google Tag Manager).
5. Magento 2.4.5 Fixed Issues
Magento 2.4.5 Installation, upgrade, deployment :
- You can now rename a data patch and add the old class name as an alias in the patch_list database table. Now checks whether data patch aliases already existed in the database before applying the patch. Previously, Magento Open Source threw an error under these conditions.
- Magento Open Source no longer throws an exception when you try to change the Admin URL to a custom URL from the Admin. Previously, after changing the Admin URL, you could not log in.
- Merchants can now successfully upgrade from a Magento 2.4.2 deployment with Klarna to Magento 2.4.3.
- The path to Magento Analytics is no longer hard-coded. Previously, this hard-coded path resulted in conflicts when multiple Magento instances were installed on one server.
Magento 2.4.5 Cart and checkout :
- The address search pop-up on the billing step of the checkout workflow no longer causes DOM errors.
- The add Products To Cart mutation now works correctly with multiple products. Previously, this query returned the first product with an accurate subtotal but returned a subtotal of 0 for other products.
- Permission exceptions are now handled for restricted products that are added by SKU. Shoppers are now given an appropriate message on the storefront, and the quantity field in the error table is disabled. Previously, Magento Open Source threw an exception like this: There has been an error processing your request.
- The SQL query that updates affected quotes after disabling a cart price rule has been optimized to avoid locking the entire quote table.
- Shoppers with global account sharing are no longer required to log in again to a secondary website in a multi-site deployment when guest checkout is disabled. Customer data is now loaded when the shopper navigates to the subdomain. The shopper is no longer asked to log in again, and the previous cart contents are displayed.
- Address dropdown values in the checkout workflow no longer change for the remaining items in a quote when a single quantity address item is removed in a multi-address checkout. Previously, when a product was removed from a quote during multi-address checkout, the address dropdown value changed to default for all products.
- The cart query no longer returns null responses when a product is out of stock. A new error element containing the error message was introduced to the response. Previously, when you ran a query with an out-of-stock product, Magento Open Source displayed a null value under the items section in the response. See cart query.
- Shipping methods are now available as expected when a guest shopper creates an account after adding a product to their cart before proceeding to checkout. Previously, when a guest added a product to the cart before creating an account, no shipping methods were available during checkout. After adding other products to the cart, shipping methods became available.
- Shoppers can add products to their carts when no options in the Allow Countries field have been selected.
- Cart contents and login status are now reloaded as expected after a session times out when Enable Persistence is set to Yes.
- Mini cart subtotals are now updated correctly when a shopper navigates from the shipping page to the cart page in the checkout workflow for an order with multiple shipping addresses. Previously, the subtotal was doubled.
- The mini cart now displays previously added products after a session timeout when Enable Persistence is enabled
- Merchants can now create a credit memo in which Refund Shipping (Incl. Tax) is set to -0.01 and can now put this amount to 0. Previously, the credit memo could not be created under these conditions.
6. Magento 2.4.5 Updates Overview :
- Changing the Admin URL no longer throws an exception.
- The cart total for a bundle product is calculated correctly when the Product Subselect rule is applied.
- Issues related to Adobe Stock sign-out fixed.
- A single login is now valid for shoppers with global account sharing for multiple store views.
- Admin Action Log report issues fixed.
- Correct price for the configurable products is displayed on the product page after changing its quantity.
- System emails work efficiently with an email address that contains “-”.
- An error will be displayed on the shipping page if the customer provides an invalid email.
- Admins can now set the session size to 0 from the backend, no longer logging out of the admin.
- Admin will now be able to translate the title of the “Show Password” checkbox on all appropriate pages.
- The name of customers is now displayed correctly when the order is placed by a ‘guest’ using PayPal.
- Product filtering by color in layered navigation now works efficiently.
- Lengthy name text is now wrapped.
- Payment Information credit card option text elements or images of text now meet the WCAG 2.0 required minimum color contrast ratio of 4.5:1 for standard text of 18pt (24px) or 14pt (19px) is bolded. Previously, they did not meet the expected contrast ratio.
- Magento Open Source now correctly calculates the cart total for a bundle product when the Product Subselect rule is applied.
Transform your business ideas into responsible, user-friendly applications with our Magento development experts.
👉 Tap on: www.amigoways.com/magento-development
Connect with us: 📨 firstname.lastname@example.org 📲+91-99439-04056